H3C SecPath F100-C Installation guide

Brand: H3C

Model: SecPath F100-C

Category: Networking

Type: Installation guide

H3C SecPath F100-C Firewall

Installation Manual

Hangzhou H3C Technologies Co., Ltd.

http://www.h3c.com

Manual Version: T2-08044D-20070430-C-1.02

Ltd. and its licensors

No part of this manual may be reproduced or transmitted in any form

or by any means without prior written consent of Hangzhou H3C

Technologies Co., Ltd.

Trademarks

H3C, , Aolynk, , H

Care,

, TOP G, , IRF,

NetPilot, Neocean, NeoVTL, SecPro, SecPoint, SecEngine, SecPath,

Comware, Secware, Storware, NQA, VVG, V

G, V

G, PSPT, XGbus,

N-Bus, TiGem, InnoVision and HUASAN are trademarks of Hangzhou

H3C Technologies Co., Ltd.

All other trademarks that may be mentioned in this manual are the

property of their respective owners.

Notice

The information in this document is subject to change without notice.

Every effort has been made in the preparation of this document to

ensure accuracy of the contents, but all statements, information, and

recommendations in this document do not constitute the warranty of

any kind, express or implied.

To obtain the latest information, please access:

http://www.h3c.com

Technical Support

customer_service@h3c.com

http://www.h3c.com

About This Manual

Related Documentation

In addition to this manual, each H3C SecPath Series Security

Products documentation set includes the following:

Manual Content

H3C SecPath Series

Security Products

Operation Manual

It introduces the functional features,

principles and guide to configuration and

operation for H3C SecPath Series

Security Gateways/Firewalls.

H3C SecPath Series

Security Products

Command Manual

It discusses all commands available in

the configuration and operation on H3C

SecPath Series Security

Gateways/Firewalls. The details include

command name, complete command

form, parameter, operation view, usage

description and configuration example.

H3C SecPath Series

Security Products

Web-Based

Configuration Manual

It directs users to configure the H3C

SecPath Series Firewalls in Web mode.

Organization

H3C SecPath F100-C Firewall Installation Manual is organized

as follows:

Chapter Contents

1 Product Overview

Profiles the system characteristics and

applications. Product appearance and

system description are also available in

this chapter.

2 Preparing for

Installation

Focuses on environment requirements

for system installation, precautions

before and during the installation.

Installation tools are also listed in this

chapter.

3 Installing the H3C

SecPath F100-C

Elaborates on mechanical installation,

physical connection of power cords,

console cables and Ethernet cables.

4 Starting and

Configuring the H3C

SecPath F100-C

Presents fundamentals on system

booting and configuration.

5 Maintaining the H3C

SecPath F100-C

Discusses system software

maintenance, including software

upgrade and configuration file loading.

6 Troubleshooting

Lists common system failures and

specific locating methods.

Conventions

The manual uses the following conventions:

Command conventions

Convention Description

Boldface

The keywords of a command line are in

Boldface.

italic

Command arguments are in italic.

[ ]

Items (keywords or arguments) in square

brackets [ ] are optional.

{ x | y | ... }

Alternative items are grouped in braces

and separated by vertical bars. One is

selected.

[ x | y | ... ]

Optional alternative items are grouped in

square brackets and separated by vertical

bars. One or none is selected.

{ x | y | ... } *

Alternative items are grouped in braces

and separated by vertical bars. A minimum

of one or a maximum of all can be selected.

[ x | y | ... ] *

Optional alternative items are grouped in

square brackets and separated by vertical

bars. Many or none can be selected.

&<1-n>

The argument(s) before the ampersand (&)

sign can be entered 1 to n times.

# A line starting with the # sign is comments.

II. GUI conventions

Convention Description

< >

Button names are inside angle brackets.

For example, click <OK>.

[ ]

Window names, menu items, data table

and field names are inside square

brackets. For example, pop up the [New

User] window.

Multi-level menus are separated by forward

slashes. For example, [File/Create/Folder].

III.

Symbols

Convention Description

Warning

Means reader be extremely careful.

Improper operation may cause bodily

injury.

Caution

Means reader be careful. Improper

operation may cause data loss or damage

to equipment.

 Note Means a complementary description.

Environmental Protection

This product has been designed to comply with the requirements

on environmental protection. For the proper storage, use and disposal

of this product, national laws and regulations must be observed.

Installation Manual

H3C SecPath F100-C Firewall

Table of Contents

Chapter 1 Product Overview ........................................................1-1

1.1 Introduction ........................................................................1-1

1.2 Hardware Features ............................................................1-2

1.2.1 Hardware Features of the H3C SecPath F100-C....1-2

Chapter 2 Preparing for Installation ............................................2-1

2.1 Site Requirements..............................................................2-1

2.1.1 Temperature/Humidity.............................................2-1

2.1.2 Cleanliness ..............................................................2-2

2.1.3 ESD Prevention.......................................................2-3

2.1.4 Electromagnetic Environment .................................2-3

2.1.5 Lightning Protection.................................................2-4

2.1.6 Checking the Installation Site ..................................2-4

2.2 Safety Precautions .............................................................2-5

2.3 Tools, Meters, and Devices ...............................................2-6

Chapter 3 Installing the H3C SecPath F100-C ............................3-1

3.1 Installation Procedure ........................................................3-1

3.2 Installing the H3C SecPath F100-C...................................3-2

3.2.1 Placing the H3C SecPath F100-C on a Table.........3-2

3.2.2 Mounting the H3C SecPath F100-C on a Vertical

Surface .............................................................................

3-2

3.3 Connecting PGND Wire .....................................................3-4

3.4 Connecting the Power Cord...............................................3-5

3.5 Connecting the H3C SecPath F100-C to a Console

Terminal ..................................................................................

3-7

Installation Manual

H3C SecPath F100-C Firewall

Table of Contents

3.6 Connecting the H3C SecPath F100-C to LAN...................3-8

3.7 Connecting the H3C SecPath F100-C to WAN ...............3-10

3.8 Verifying Installation.........................................................3-10

Chapter 4 Starting and Configuring the H3C SecPath F100-C......4-1

4.1 Starting the H3C SecPath F100-C.....................................4-1

4.1.1 Setting Up a Configuration Environment.................4-1

4.1.2 Powering On the H3C SecPath F100-C..................4-5

4.1.3 Startup Process.......................................................4-6

4.2 Configuration Fundamentals..............................................4-8

4.2.1 Basic Configuration Procedure................................4-8

4.2.2 Command Line Interface .........................................4-9

Chapter 5 Maintaining the H3C SecPath F100-C........................5-1

5.1 Boot Menu..........................................................................5-1

5.2 Upgrading Application Programs and Boot ROM program

Using XModem.........................................................................

5-4

5.3 Backing up and Restoring the Extended Segment of the Boot

ROM Program ..........................................................................

5-9

5.4 Upgrading the Application Programs Using TFTP...........5-10

5.5 Uploading/Downloading Application Programs/Files Using

FTP.........................................................................................

5-13

5.5.1 Upgrading Application Programs Using FTP in Boot

ROM ...............................................................................

5-13

5.5.2 Upgrading Application Programs Using FTP in Host

Software .........................................................................

5-16

5.6 Modifying Boot ROM Password .......................................5-23

5.7 Resetting a Lost Password ..............................................5-25

Chapter 6 Troubleshooting...........................................................6-1

6.1 Troubleshooting the Power System ...................................6-1

Installation Manual

H3C SecPath F100-C Firewall

Table of Contents

iii

6.2 Troubleshooting the Console Terminal ..............................6-1

Installation Manual

H3C SecPath F100-C Firewall

List of Figures

Figure 1-1 Front panel of the H3C SecPath F100-C...............1-2

Figure 1-2 Rear panel of the H3C SecPath F100-C ...............1-3

Figure 3-1 Installation procedure ............................................3-1

Figure 3-2 Bottom of the H3C SecPath F100-C chassis ........3-3

Figure 3-3 Wall-mounting the H3C SecPath F100-C..............3-4

Figure 3-4 AC-input PSU.........................................................3-5

Figure 3-5 Console cable assembly........................................3-7

Figure 3-6 Ethernet cable assembly .......................................3-9

Figure 4-1 Local configuration through the console port.........4-1

Figure 4-2 Create a new connection.......................................4-2

Figure 4-3 Select serial interface ............................................4-3

Figure 4-4 Set communication parameter...............................4-4

Figure 4-5 Select emulation type ............................................4-5

Figure 5-1 Send File dialog box ..............................................5-6

Figure 5-2 Sending file interface .............................................5-6

Figure 5-3 Set up a local upload/download environment using

FTP.................................................................................

5-17

Figure 5-4 Set up a remote upload/download environment using

FTP.................................................................................

5-18

Installation Manual

H3C SecPath F100-C Firewall

List of Tables

Table 1-1 Technical specifications of the H3C SecPath F100-C

..........................................................................................

1-3

Table 1-2 LEDs on the H3C SecPath F100-C.........................1-4

Table 1-3 Attributes of the console port ...................................1-5

Table 1-4 Attributes of the Ethernet interface ..........................1-6

Table 2-1 Temperature and humidity requirements in the

equipment room................................................................

2-2

Table 2-2 Limit to the content of dust in an equipment room ..2-2

Table 2-3 Limits of harmful gases in the equipment room.......2-2

Installation Manual

H3C SecPath F100-C Firewall

Chapter 1 Product Overvie

1-1

Chapter 1 Product Overview

1.1 Introduction

H3C SecPath F100-C Firewall (referred to as the H3C SecPath

F100-C) is designed for small office home office (SOHO) users.

H3C SecPath F100-C provides the standard-compliant uplink

Ethernet interface, and can interoperate with the products of other

vendors at every layer, which protects customer’s investment.

H3C SecPath F100-C provides four 10/100 Mbps autosensing

LAN FE interfaces and one 10 Mbps WAN Ethernet interface.

H3C SecPath F100-C employs application specific packet filter

(ASPF) to monitor connection process and malicious commands, and

works together with access control lists (ACLs) to implement dynamic

packet filtering.

H3C SecPath F100-C supports authentication, authorization,

accounting (AAA) and network address translation (NAT) to allow the

secure and reliable network built over the open Internet.

H3C SecPath F100-C provides multiple attack prevention means,

TCP proxy, inside network security, traffic policing, network address

filtering, webpage filtering, mail filtering, to improve network security.

H3C SecPath F100-C provides multiple intelligent analysis and

management means, as well as mail filtering, diverse logs, to help the

network administrator perform security management.

H3C SecPath F100-C supports multiple virtual private network

(VPN) services, such as Layer 2 tunneling protocol (L2TP) VPN, IP

Installation Manual

H3C SecPath F100-C Firewall

Chapter 1 Product Overvie

1-2

security (IPsec) VPN, generic routing encapsulation (GRE) VPN and

dynamic VPN, to access remote branch office into the headquarters.

H3C SecPath F100-C supports the branch intelligent

management system (BIMS) feature to automatically upgrade the

configuration file and application programs, and the VPN manager

function to configure and deploy VPNs.

H3C SecPath F100-C provides basic routing features, including

the routing information protocol (RIP), open shortest path first (OSPF),

routing policy, and policy routing, as well as abundant QoS features,

such as traffic policing, traffic shaping, and queue scheduling.

1.2 Hardware Features

1.2.1 Hardware Features of the H3C SecPath F100-C

I. Appearance

(1)

(2)

(3)

(4) (5)

(6)(7)

(1) Ethernet LED LAN3 (2) Ethernet LED LAN2

(3) Ethernet LED LAN1 (4) Ethernet LED LAN0

(5) WAN LED (6) System LED (SYS)

(7) Power LED (PWR)

Figure 1-1 Front panel of the H3C SecPath F100-C

Installation Manual

H3C SecPath F100-C Firewall

Chapter 1 Product Overvie

1-3

(1)

(2) (3) (4) (5) (6) (7) (8) (9)

(1) Power switch (2) Power socket

(3) Console port (CONSOLE) (4) Ethernet interface 0 (LAN0)

(5) Ethernet interface 1 (LAN1) (6) Ethernet interface 2 (LAN2)

(7) Ethernet interface 3 (LAN3) (8) Grounding screw

(9) WAN interface (WAN)

Figure 1-2 Rear panel of the H3C SecPath F100-C

II. System specifications

Table 1-1 Technical specifications of the H3C SecPath F100-C

Item Description

Interface

One console port

One 10 Mbps Ethernet interface (WAN)

Four 10/100 Mbps Ethernet interface (LAN)

SDRAM 64 MB

Flash memory 8 MB

Max power

consumption

10 W

Installation Manual

H3C SecPath F100-C Firewall

Chapter 1 Product Overvie

1-4

Item Description

Input

Rated voltage range: 100 VAC to 240 VAC,

50 Hz or 60 Hz

Max voltage range: 90 VAC to 264 VAC, 50

Hz or 60 Hz

Current: 0.5 A to 1 A

Power

supply

(external)

output

Voltage: 12 VDC

Current: 4 A

Physical dimensions

(H x W x D)

45 × 300 × 180 mm (1.8 × 11.8 × 7.1 in),

including bulge

Weight 1 kg (2.2 lb)

Operating

temperature

0°C to 40°C (32°F to 104°F)

Relative humidity

(noncondensing)

10% to 90%

III. LEDs

There are seven LEDs, which are described in

Table 1-2, on the

cover of the H3C SecPath F100-C firewall.

Table 1-2 LEDs on the H3C SecPath F100-C

LED Description

LAN0/LAN1/LAN2/LA

N3/WAN

OFF: No link is present.

ON: A link is present.

Blinking: Data is being received or

transmitted on the interface.

Installation Manual

H3C SecPath F100-C Firewall

Chapter 1 Product Overvie

1-5

LED Description

SYS

Blinking: The system is operating

normally.

ON or OFF: The system is faulty.

PWR

OFF: No power is supplied.

ON: Power is being supplied.

IV. Interface attributes

The H3C SecPath F100-C firewall provides the console port, 10

Mbps interface and 10/100 Mbps Ethernet interfaces.

1) Console port

Table 1-3 Attributes of the console port

Item Description

Connector RJ-45

Interface standard Asynchronous RS232

Baud rate

1200 bps to 115200 bps, defaults to 9600

bps

Service

Connected to an ASCII terminal

Connected to the serial interface on a PC

running the terminal emulation software

Command line interface (CLI)

Installation Manual

H3C SecPath F100-C Firewall

Chapter 1 Product Overvie

1-6

2) Ethernet interface

Table 1-4 Attributes of the Ethernet interface

Item 10BASE-T 10/100BASE-T

Connector RJ-45

Operating mode

10 Mbps

Half/full duplex

10/100 Mbps

auto-sensing

Auto-MDI/MDIX

Half/full duplex

Only Layer 2

switching available

Installation Manual

H3C SecPath F100-C Firewall

Chapter 2 Preparing for Installation

2-1

Chapter 2 Preparing for Installation

2.1 Site Requirements

Install the H3C SecPath F100-C indoors and make sure the

environment meets the following requirements for its normal and

durable usage.

2.1.1 Temperature/Humidity

The equipment room must maintain adequate temperature and

humidity. Long-lasting high humidity is prone to cause bad insulation

and even electricity leakage. Sometimes the mechanical performance

changes of materials, the rustiness and corrosion of some metal parts

are also likely to occur. If the relative humidity is too low, the captive

screws can become loose due to insulation washer contraction.

Meanwhile, the static is likely produced in the dry environments,

jeopardizing the CMOS circuit of the product. The higher the

temperature is, the greater the damage to your device. Long-lasting

high temperature can speed up the aging of the insulation materials,

greatly lower the device reliability, and hence significantly shorten its

service life.

Table 2-1 lists the temperature and humidity requirements.

Installation Manual

H3C SecPath F100-C Firewall

Chapter 2 Preparing for Installation

2-2

Table 2-1 Temperature and humidity requirements in the

equipment room

Temperature Relative Humidity

0°C to 40°C (32°F to 104°F)

10% to 90%

2.1.2 Cleanliness

The equipment room must be free of explosion hazards and the

electrical and magnetic conductible dust as well. The contents of the

dust must be limited as shown in the following table:

Table 2-2 Limit to the content of dust in an equipment room

Substance Unit Content

Dust Particle/m³

≤ 3 X 10

(No visible dust on

the table top for

three days)

Note: Diameter of a dust particle ≥ 5μm

Besides the dust, there are rigorous limits on the harmful gases

that can accelerate the erosion and aging of metals, such as salts,

acids, and sulfides, as shown in the following table.

Table 2-3 Limits of harmful gases in the equipment room

Gas Maximum (mg/m

)

0.2

S 0.006

Installation Manual

H3C SecPath F100-C Firewall

Chapter 2 Preparing for Installation

2-3

Gas Maximum (mg/m

)

0.05

0.01

2.1.3 ESD Prevention

Although the H3C SecPath F100-C takes measures to prevent

electrostatic discharge (ESD), its card circuits and even the device can

be badly damaged when excessive static electricity is present.

On the communication network connected to your device, the

static electricity mainly comes from the outside electrical fields, such

as outdoor high-voltage power cables and lightning, and from the

indoor environments, floor materials and the internal system such as

the equipment frame. To prevent damage, observe the following:

z Earth the device and floor well.

z Keep the equipment room as clean as possible.

z Maintain adequate temperature and humidity.

z Wear an ESD-preventive wrist strap and clothes when

handling the circuit board.

z Place the removed circuit board upward on the

ESD-preventive table, or into a static shielding bag.

z Hold the circuit board by its edge when observing or moving

it, avoiding direct contact with the elements on it.

2.1.4 Electromagnetic Environment

All interference sources, wherever they are from, impact the H3C

SecPath F100-C negatively in the conducted emission patterns of

Page is loading ...

H3C SecPath F100-C Installation guide

Brand: H3C

Model: SecPath F100-C

Category: Networking

Type: Installation guide

Download PDF

report

H3C SecPath F100-C Installation guide

H3C SecPath F100-C Installation guide

Related papers

Other documents